NEWS WRAP-UP: Walmart tracks customers’ facial expressions; teachers hacked; Asians seek cyber insurance

By Byron V. Acohido

Week ending Aug. 11. Walmart has filed a patent for video technology to track customers’ facial expressions as they shop, potentially allowing employees to address customer needs before they have to ask. The system would use video to scan for customers who are frustrated or unhappy if they can’t find a product or figure out pricing. The system also could see when a display or product pleases shoppers. According to the patent filing, Walmart says it’s easier to retain existing customers than acquire new ones. Walmart also will use the technology to analyze trends in shoppers’ purchase behavior over time, according to the patent filing. The system links customers’ facial expressions to their transaction data—meaning how much they’re spending and what they’re buying. Using biometric data collected from customers’ facial expressions, the retailer would link changes in mood to changes in spending. Walmart says this will help stores detect changes in a customer’s purchase habits due to dissatisfaction. If a sharp drop in spending is recorded after a customer is seen with a negative facial expression, the company would be able to better deal with the pain points that are driving away shoppers. Sources:; USA Today; Business Insider;

Teachers get a hard lesson in data protection

Hundreds of current and former teachers in the St. Louis area, members of the Public School and Education Employee Retirement Systems of Missouri, were victims of an identity theft. Hackers obtained access to names, dates of birth, Social Security numbers and addresses, and attempted to use the information to access retirement funds and have them transferred. Some victims’ mailing addresses were changed. Source: Fox2Now, St. Louis

More Asian residents, companies might buy cyber insurance

Demand for cyber insurance from firms in China and elsewhere in Asia could soar, based on inquiries received after the WannaCry ransomware attack earlier this year, executives at American International Group said. The insurer saw an 87 percent jump in inquiries for cyber insurance policies in May compared with April for China and Hong Kong as a direct result of the WannaCry attack. The global increase was 38 percent. Source: Insurance Journal

Ships look to old-fashioned navigation methods in case GPS hacked

The risk of cyber attacks targeting ships’ satellite navigation is pushing nations such as South Korea to develop back-up systems with roots in World War II radio technology. Ships use GPS, which relies on satellite signals, to navigate. Some experts say such systems are vulnerable to jamming by hackers. Many ships lack a back-up navigation system, and if their GPS ceases to function, they risk running aground or colliding with other vessels. Source: Reuters

WannaCry ‘hero’ arrested in separate hacking investigation

A computer expert who helped shut down the WannaCry cyber attack that crippled Britain’s National Health Service and other systems in a number of nations has been arrested in the United States for his alleged role in an unrelated malware attack. Marcus Hutchins found a hidden “kill switch” in the WannaCry ransomware virus that hit more than 300,000 computers in 150 countries. The U.S. arrested him for his alleged role in creating and distributing the Kronos banking Trojan, the Department of Justice said. Source: The Independent

Information exposure could damage Swedish government

A data breach scandal involving the Swedish government’s failure to safeguard information from access by private contractors has ended the tenure of top ministers and threatens to bring down the ruling coalition. Jonas Hinnfors, professor of political science at Sweden’s University of Gothenburg, says the issue has to do with apparent failures by the Swedish Transport Agency to install safeguards preventing potentially sensitive information from being handled by private contractors that don’t have clearances. Source: World Politics Review

More HBO data revealed, ransom note demands millions

The hackers who allegedly seized 1.5 terabytes of data from HBO released more information, including script summaries for the next five episodes of “Game of Thrones, as well as scripts and entire seasons of other HBO shows. The leak also included emails from an HBO executive, as well as the contact list of HBO chief Richard Pleper, which contained the personal phone numbers of “Thrones” actors. Hackers also shared a ransom note, in the form of a video, demanding HBO pay millions or more sensitive company data will be posted. Source: Slate

Center’s lawsuit says virtual private network is not secure

The Center for Democracy and Technology filed a complaint with the Federal Trade Commission, alleging that the Hotspot Shield VPN is violating consumer privacy. The CDT, working with the developers of Carnegie Mellon University’s Mobile App Compliance System, claim that they found multiple instances where Hotspot Shield shared sensitive data with third-party advertising networks. Hotspot Shield vendor AnchorFree denies the allegations. Source: eWeek

Nationwide to pay $5.5 million to settle 2012 data breach

Nationwide Mutual Insurance will pay a $5.5 million settlement and update its security practices as a result of an agreement with 33 states due to a 2012 data breach affecting more than 1.2 million individuals. The states allege that the breach was caused by the insurer’s failure to apply a critical security patch. The breach exposed the Social Security Numbers, driver’s license numbers, credit scoring information and other personal data collected to provide insurance quotes to consumers applying for coverage. Source: Bank Info Security

Ruling means class-action case against CareFirst can proceed

An appellate court decision to allow a class-action lawsuit over a 2014 data breach at CareFirst to move forward could pave the way for future lawsuits, say several privacy attorneys. A Washington, D.C., appeals court overturned a circuit court’s dismissal of a lawsuit brought by members of CareFirst claiming a breach that compromised more than 1 million records put them at risk for identity theft. The judges ruled that a “substantial risk of harm” exists. Courts have struggled to identify concrete harm when it comes to data breaches, but medical data may be held to a higher standard. Source: Fierce Health Care

This column originally appeared on



Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone